package cn.com.yusys.yusp.commons.starter.config;

import cn.com.yusys.yusp.commons.starter.config.WebFilterProperties;
import cn.com.yusys.yusp.commons.util.StringUtils;
import cn.com.yusys.yusp.commons.util.collection.CollectionUtils;
import cn.com.yusys.yusp.commons.web.filter.AccessFilter;
import cn.com.yusys.yusp.commons.web.filter.XssAndSqlFilter;
import java.util.EnumSet;
import javax.servlet.DispatcherType;
import javax.servlet.Filter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

@EnableConfigurationProperties({WebProperties.class, WebFilterProperties.class})
@Configuration
@ConditionalOnClass({Filter.class})
/* loaded from: input_file:cn/com/yusys/yusp/commons/starter/config/WebFilterAutoConfiguration.class */
public class WebFilterAutoConfiguration {
    private static final Logger logger = LoggerFactory.getLogger(WebFilterAutoConfiguration.class);

    @Configuration
    @ConditionalOnProperty(name = {"yusp.filter.access.enabled"}, havingValue = "true")
    @ConditionalOnClass(name = {"cn.com.yusys.yusp.commons.session.SessionService"})
    /* loaded from: input_file:cn/com/yusys/yusp/commons/starter/config/WebFilterAutoConfiguration$AccessFilterAutoConfiguration.class */
    static class AccessFilterAutoConfiguration {
        public final Integer FILTER_ORDER_ACCESS = 98;

        AccessFilterAutoConfiguration() {
        }

        @Bean
        public FilterRegistrationBean<Filter> accessFilterBean(WebProperties webProperties, WebFilterProperties webFilterProperties) {
            FilterRegistrationBean<Filter> filterRegistrationBean = new FilterRegistrationBean<>(new AccessFilter(), new ServletRegistrationBean[0]);
            filterRegistrationBean.setOrder(this.FILTER_ORDER_ACCESS.intValue());
            filterRegistrationBean.addInitParameter(AccessFilter.IGNORE_URLS_KEY, webProperties.getIgnoreUrls());
            filterRegistrationBean.addInitParameter(AccessFilter.IGNORE_RESOURCE_KEY, webProperties.getIgnoreResources());
            filterRegistrationBean.addInitParameter(AccessFilter.ENABLE_SERVICE_AUTH_KEY, Boolean.toString(webFilterProperties.getServiceAuthority().isEnabled()));
            WebFilterAutoConfiguration.logger.info("Access file has register success!");
            return filterRegistrationBean;
        }
    }

    @ConditionalOnMissingBean({CorsFilter.class})
    @Configuration
    @ConditionalOnProperty(name = {"yusp.filter.cors.enabled"}, havingValue = "true")
    /* loaded from: input_file:cn/com/yusys/yusp/commons/starter/config/WebFilterAutoConfiguration$CorsAutoConfiguration.class */
    static class CorsAutoConfiguration {
        CorsAutoConfiguration() {
        }

        @Bean
        public FilterRegistrationBean<Filter> corsFilterBean(WebFilterProperties webFilterProperties) {
            WebFilterProperties.CorsConfiguration cors = webFilterProperties.getCors();
            UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
            if (cors.getAllowedOrigins() != null && !cors.getAllowedOrigins().isEmpty() && CollectionUtils.nonEmpty(cors.getPaths())) {
                cors.getPaths().stream().map(StringUtils::trim).filter((v0) -> {
                    return StringUtils.nonBlank(v0);
                }).forEach(str -> {
                    urlBasedCorsConfigurationSource.registerCorsConfiguration(str, cors);
                });
            }
            FilterRegistrationBean<Filter> filterRegistrationBean = new FilterRegistrationBean<>(new CorsFilter(urlBasedCorsConfigurationSource), new ServletRegistrationBean[0]);
            filterRegistrationBean.setOrder(Integer.MIN_VALUE);
            WebFilterAutoConfiguration.logger.info("Auto configuration >> cross-domain configuration done -> order [{}]", Integer.MIN_VALUE);
            return filterRegistrationBean;
        }
    }

    @Bean
    @ConditionalOnExpression("'true'.equals('${yusp.filter.xss.enabled:true}')")
    public FilterRegistrationBean<Filter> xssAndSqlFilter() {
        FilterRegistrationBean<Filter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new XssAndSqlFilter());
        filterRegistrationBean.addUrlPatterns(new String[]{"/*"});
        filterRegistrationBean.setDispatcherTypes(EnumSet.of(DispatcherType.REQUEST, DispatcherType.FORWARD, DispatcherType.ASYNC));
        logger.info("Anti XSS attack SQL injection filter configuration completed");
        return filterRegistrationBean;
    }
}
